Privacy Policy
This Privacy Policy describes how JobSearchPrep ("we", "us", "our") collects, uses, and protects your personal information when you use our platform.
1. Information we collect
Account information
When you create an account, we collect your name, email address, and (if you sign in with LinkedIn or Google) your profile picture and verified email from those providers. We do not store passwords for OAuth accounts; if you sign up with email, your password is hashed and stored by our authentication provider (Supabase).
Career information
You voluntarily provide career information including your master narrative, accomplishments, target roles, job descriptions, and tailored resumes. This information is the core of what JobSearchPrep does. We treat it as sensitive personal information.
Usage information
We log usage of our AI features (model used, token counts, action type) for billing reconciliation and quota enforcement. We do not log the contents of your prompts or AI outputs in our usage logs.
Payment information
Payment information is collected and stored by Stripe, our payment processor. We never see or store your full credit card number. We retain only Stripe's customer ID and subscription status.
2. How we use your information
- To provide the JobSearchPrep service (resume tailoring, interview briefings, campaign tracking)
- To send your career data to Anthropic's Claude API for processing (subject to Anthropic's data usage policies — Anthropic does not train on API submissions by default)
- To enable expert review of your resumes by our reviewers (with your consent when you click "request expert review")
- To send you transactional emails about your account, subscription, and reviews
- To enforce subscription tiers and quotas
- To detect and prevent fraud or abuse
3. What we do NOT do with your information
- We do not sell your data to third parties
- We do not use your resume content to train public AI models
- We do not share your data with recruiters, employers, or job boards without your explicit action (such as you choosing to download and send a resume)
- We do not show advertising on the platform
4. Third-party services we use
- Supabase — authentication and database hosting (data stored in their secure infrastructure)
- Stripe — payment processing
- Anthropic — AI model provider for resume tailoring and interview briefings
- Netlify — web hosting and serverless functions
- Resend — transactional email delivery
- Google, LinkedIn — optional OAuth sign-in providers
5. Data retention and deletion
We retain your data while your account is active. You may delete your account at any time from Settings → Account → Delete account. Deletion removes your profile, narrative, resumes, briefings, applications, and reviews from our active database within 24 hours. Backup copies may persist for up to 30 days before being purged.
6. Your rights
If you are a resident of California, the European Economic Area, or other jurisdictions with comprehensive privacy laws, you have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your information
- Export your information (available from Settings → Account → Export data)
- Object to or restrict certain processing
To exercise these rights, use the in-app controls or email us at privacy@jobsearchprep.ai.
7. Security
We use industry-standard encryption (TLS in transit, AES-256 at rest via Supabase), Row-Level Security policies on every database table, server-side enforcement of access controls, and regular security reviews. No system is perfectly secure; we encourage you to use a strong, unique password and to sign out from shared devices.
8. Changes to this policy
We may update this policy as our practices evolve. Material changes will be notified to active subscribers by email at least 14 days before they take effect.
9. Contact
For privacy questions: privacy@jobsearchprep.ai
For everything else: support@jobsearchprep.ai
Note: This Privacy Policy is provided as a starting template. Before going live with paying customers, you should have it reviewed by a qualified attorney or use a service like Termly or Iubenda that provides lawyer-reviewed templates. Privacy law (GDPR, CCPA, state laws) varies by jurisdiction and changes frequently.